Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,750
Maven
5,000+
npm
4,353
NuGet
765
pip
4,114
Pub
12
RubyGems
960
Rust
1,069
Swift
45
Unreviewed advisories
All unreviewed
5,000+

212 advisories

Loading
Vite Plugin React has a Source Code Exposure Vulnerability in React Server Components Moderate
GHSA-c6m7-q6pr-c64r was published for @vitejs/plugin-rsc (npm) Dec 12, 2025
Next Server Actions Source Code Exposure Moderate
GHSA-w37m-7fhw-fmv9 was published for next (npm) Dec 11, 2025
Source Code Exposure Vulnerability in React Server Components Moderate
CVE-2025-55183 was published for react-server-dom-parcel (npm) Dec 11, 2025
Zitadel Discloses the Total Number of Instance Users Moderate
CVE-2025-67717 was published for github.com/zitadel/zitadel (Go) Dec 10, 2025
IAM-marco livio-a
Credited to IAM-marco and livio-a
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in sizam... Moderate Unreviewed
CVE-2025-67565 was published Dec 9, 2025
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in... Moderate Unreviewed
CVE-2025-67567 was published Dec 9, 2025
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in alekv... Moderate Unreviewed
CVE-2025-67564 was published Dec 9, 2025
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in... Moderate Unreviewed
CVE-2025-67470 was published Dec 9, 2025
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in... Moderate Unreviewed
CVE-2025-63070 was published Dec 9, 2025
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in... Moderate Unreviewed
CVE-2025-63058 was published Dec 9, 2025
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Joel... Moderate Unreviewed
CVE-2025-62735 was published Dec 9, 2025
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in... Moderate Unreviewed
CVE-2025-62737 was published Dec 9, 2025
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in... Moderate Unreviewed
CVE-2025-63009 was published Dec 9, 2025
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in... Moderate Unreviewed
CVE-2025-63013 was published Dec 9, 2025
Primakon Pi Portal 1.0.18 /api/v2/users endpoint is vulnerable to unauthorized data exposure due... Moderate Unreviewed
CVE-2025-64061 was published Nov 25, 2025
IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0... Moderate Unreviewed
CVE-2025-36112 was published Nov 24, 2025
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in... Moderate Unreviewed
CVE-2025-66056 was published Nov 21, 2025
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Craig... Moderate Unreviewed
CVE-2025-66059 was published Nov 21, 2025
IBM Concert 1.0.0 through 2.0.0 could disclose sensitive server information from HTTP response... Moderate Unreviewed
CVE-2025-36160 was published Nov 21, 2025
Vodafone H500s devices running firmware v3.5.10 (hardware model Sercomm VFH500) expose the WiFi... High Unreviewed
CVE-2022-4985 was published Nov 15, 2025
IQ-Support developed by IQ Service International has a Exposure of Sensitive Information... Moderate Unreviewed
CVE-2025-13160 was published Nov 14, 2025
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in... Moderate Unreviewed
CVE-2025-64267 was published Nov 13, 2025
IBM OpenPages 9.0 and 9.1 is vulnerable to information disclosure of sensitive information due to... Moderate Unreviewed
CVE-2025-27368 was published Nov 12, 2025
Improper handling of the authentication token in the Amazon WorkSpaces client for Linux, versions... High Unreviewed
CVE-2025-12779 was published Nov 6, 2025
Nagios XI versions prior to 2024R1.1.3, under certain circumstances, disclose sensitive user... Moderate Unreviewed
CVE-2024-13998 was published Nov 4, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database